Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Securing Your Couchbase Environment in Couchbase Server 4.0: Couchbase Connect 2015


Published on

Couchbase Server 4.0 offers new security features that allow administrators to customize security for different users and, above all, protect their deployments. A secure deployment requires defensive, in-depth security controls for authentication, authorization, encryption, auditing and administration. In this session, Solutions Engineer Darin Briskman and Senior Product Manager Don Pinto will show attendees how to leverage the features in Couchbase Server 4.0 and present integration options with third-party partner solutions. This talk will include technical details of the new administrative auditing functions and a demonstration of a centralized auditing solution.

Visit our website for more information:

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Securing Your Couchbase Environment in Couchbase Server 4.0: Couchbase Connect 2015

  1. 1. SECURING YOUR COUCHBASE ENVIRONMENT Don Pinto | Sr. Product Manager | Darin Briskman | Professional Services |
  2. 2. ©2015 Couchbase Inc. 2 Disclaimer  Couchbase Server 4.0 is still in development. Details presented in this presentation might change based on customer feedback and other factors by the time the final version of the product is released. “Prediction is very difficult, especially about the future.” - Niels Bohr
  3. 3. ©2015 Couchbase Inc. 3 Key drivers of NoSQL data security Regulatory compliance requirements  PCI, HIPAA, EU Data Protection Directive, and others  Additional corporate security policies Growing number of insider threats *2015 Vormetric Insider Threat Report
  4. 4. ©2015 Couchbase Inc. 4 Core security requirements AUTHENTICATION • Who am I/prove it • Control access to cluster AUTHORIZATION • Admin/data access separation • Role based access ENCRYPTION • Encrypt data at rest and in-motion ADMINISTRATION • Security best practices AUDITING • Who did what, when, and how ?
  5. 5. ©2015 Couchbase Inc. 5 Previously… In 2.2 In 2.5 In 3.0 New in 4.0 SASL AuthN with Bucket Passwords Admin User Secure Build Platform Read-Only User Easy Admin Password Reset Non-Root User Deployments Secure Communication for XDCR Encrypted Client- Server Communication Encrypted Admin Access Access Log Data-at-Rest Encryption • Simplified compliance with admin auditing • External identity management for admins using LDAP Couchbase security journey In a few slides...
  6. 6. ©2015 Couchbase Inc. 6 Couchbase authentication  Application authentication  Buckets are protected with challenge-response SASL protocol  AuthN happens over CRAM-MD5  Admin authentication  Authentication through admin username and password  Authentication through LDAP (New in 4.0) AUTHENTICATION
  7. 7. ©2015 Couchbase Inc. 7 External identity management using LDAP  Centralized identity management  Define multiple read-only admins and full-admins  Centralized security policy management for admin accounts for stronger passwords, password rotation, and auto lockouts  Individual accountability. Simplified compliance.  Define UIDs in LDAP, and map UIDs to read-only/full admin role in Couchbase  Comprehensive audit trails with LDAP UIDs in audit records AUTHENTICATION
  8. 8. ©2015 Couchbase Inc. 8 LDAP architecture in Couchbase Admin UID/password UIDs defined in LDAP OpenLDAP protocol saslauthd config file SASLAUTHD CHECK IN LDAP ? SASL protocol YES / NO? CHECK IN ADMIN PASSWORD FILE Authentication SUCCESS! Authentication FAILED! UID / password AUTHENTICATION
  9. 9. ©2015 Couchbase Inc. 9 New UI for authorizing LDAP administrators Turn on/off LDAP Add UIDs to read-only admins Add UIDs to full admins Set default behavior if UID is not mapped Testing credentials to verify what level of access Plus RESTAPIs and CLI integration for programmatic setup AUTHENTICATION
  10. 10. ©2015 Couchbase Inc. 10 Couchbase authorization  Application data access  Full access to specific buckets  Admin access  Full administrator has full privileges on the cluster  Read-only administrator cannot change cluster settings AUTHORIZATION
  11. 11. ©2015 Couchbase Inc. 11 Couchbase encryption – client  Encryption at the application  LeverageVormetric encryption and key management  APIs, libraries, and sample code in Java, .NET, C/C++. VAE Application Vormetric Application Encryption Encryption Key Request / Response* DSM Client-server SSL ENCRYPTION
  12. 12. ©2015 Couchbase Inc. 12 Couchbase encryption – in motion  Data-in-motion encryption  Client-server communication should be encrypted using SSL  Secure admin access using SSL over port 18091  Secure view access using SSL over port 18092  Secure XDCR for encryption across datacenters Track all Access SERVER 3SERVER 1 SERVER 2 Couchbase Server – New York SERVER 3SERVER 1 SERVER 2 Couchbase Server – London SSL Client applications Secure XDCR over SSL Admin access over port 18091 SSL View access over port 18092 SSL https://couchbase_server:18091/… https://couchbase_server:18092/… ENCRYPTION
  13. 13. ©2015 Couchbase Inc. 13 Couchbase encryption – at rest  Transparent data-at-rest encryption solution ENCRYPTION Storage Database Application User File Systems Volume Managers DSM Vormetric Data Security Manager on Enterprise premise or in cloud virtual or physical appliance • Centrally manage keys and policy • Virtual and physical appliance • High-availability with cluster • Multi-tenant and strong separation of duties • Proven 10,000+ device and key management scale • Web, CLI, API Interfaces • FIPS 140-2 certified Secure Personally Identifiable Information • User profile information • Login Credentials • IP Addresses
  14. 14. ©2015 Couchbase Inc. 14 Admin auditing in Couchbase  Rich audit events  Over 25+ different, detailed admin audit events  Auditing for tools including backup  Configurable auditing  Configurable file target  Support for time-based log rotation and audit filtering  Easy integration  JSON format allows for easy integration with downstream systems using Flume, Logstash, and syslogd AUDITING
  15. 15. ©2015 Couchbase Inc. 15 Auditing events LIST OF ADMIN AUDIT EVENTS Success/failure login for administrator Audit configuration changes Enable/disable audit Add a node to the cluster Remove a node from the cluster Failover a node Rebalance the cluster Shutdown/startup of the system by the administrator Create a bucket Delete a bucket Flush a bucket Modify bucket settings Change configured disk and index path Add read-only administrator user Backup AUDITING Remove read-only administrator user Add admin user Remove admin user Setup remote cluster reference Delete remote cluster reference Changes to XDCR Creating/deleting XDCR profile Pause resume XDCR stream ChangingXDCR filter rules Add/remove query node Add/remove index node Create server group Add node to server group Remove node from server group Delete server group Admin password changes/resets
  16. 16. ©2015 Couchbase Inc. 16 Auditing a successful login { "timestamp":"2015-02-20T08:48:49.408-08:00", "id":8192, "name":"login success", "description":"Successful login to couchbase cluster", "role":"admin", "real_userid": { "source":"ns_server", "user":"bjones” }, "sessionid":"0fd0b5305d1561ca2b10f9d795819b2e", "remote":{"ip":"", "port":59383} } WHEN WHO WHAT HOW AUDITING
  17. 17. ©2015 Couchbase Inc. 17 ADMINISTRATION Securely Deploying CouchbaseOutside Network WEB AND MOBILE APPS Load Balancer Allow Couchbase ingress and outgress ports Allow Couchbase node-to-node ports on local internal networkCOUCHBASE CLUSTER Internal Network Perimeter Network End users & hack3rs Web Server External Firewall Internal Firewall Allow webserver ingress and outgress ports Packet Filtering Blocking malicious IPs IT Admins & App Developers IT Admin & DBA Check out our docs for in-depth security best practices
  18. 18. ©2015 Couchbase Inc. 18 ©2014 Couchbase, Inc. Prod Dev,QA, Test Storage Storage Backup Server Sensitive hAck3rs Which ports are open through the firewall? What if an operator steals a disk? Is sensitive data encrypted? Is there admin access and data access separation? Are backups encrypted ? Is XDCR Secure? What vulnerabilities? Questions to ask ADMINISTRATION XDCR to remote Cluster
  19. 19. Demo Couchbase admin auditing & splunk security reporting
  20. 20. What’s next ?
  21. 21. ©2015 Couchbase Inc. 21 Security roadmap 21 Simplified Compliance  Simplified compliance with auditing framework for admin actions  External identity management for admins with enterprise standard identity management tools through LDAP Fine-Grained Authorization  User, roles, and permissions for admins and applications Advanced Compliance  Application auditing  External authentication for applications Today Next Future * The following is intended to outline our general product direction. It is intended for information purposes and is only a plan.
  22. 22. Thank you! | @NoSQLDon | @briskmad
  23. 23. Get Started withCouchbase Server 4.0: GetTrained on Couchbase: